When executing an application on a computing device, the application may access functionality provided by a computing resource on the computing device. For example, a computing resource may include a camera with which photographic operations may be performed, or a Global Positioning System (GPS) subsystem which may indicate the physical location of the computing device. To prevent unauthorized access to certain computing resources on the computing device by, for example, third-party applications, the device may be configured to request permission to access the computing resources from a user before allowing an application to access the computing resource.
An application developer may disclose the computing resources that the developer's application may access when the application is executed on a computing device, by identifying those computing resources in an installation manifest. This installation manifest can then be provided to computing devices upon which the application is to be installed. The installation manifest may be read when the application is being installed at a given computing device, so that, for each of one or more of the computing resources identifying in the installation manifest, a permission request to access the computing resource can be displayed to the user before the application is executed.